Publishers Clearing House

The Customer

Publishers Clearing House (PCH) is a leading omni-channel media company offering a broad range of products, digital entertainment, and services to consumers that power its famous free-to-play, chance-to-win prize promotions. Founded in 1953 by Harold and LuEsther Mertz, PCH’s famous Prize Patrol surprises screaming winners on their doorsteps with flowers, champagne, and their well-known oversized checks that change the lives of their winners. The company has awarded over $240 Million in prizes and has evolved to expand its offerings to include many ways to win online, through social media, and via mobile.

The Challenges

Protecting the Publishers Clearing House brand across the web

PCH made a significant investment in expanding their brand through gaming sites and free-to-play apps, so for them, establishing consumer trust in the mobile environment is a key business effort. But as with all leading brands, threat actors are eager to leverage the PCH brand for fraud and other nefarious purposes. That’s why PCH wanted a solution that goes beyond the capabilities of the security tools they already had in place to detect instances of rogue apps and domain infringement across the globe. PCH’s security team needed a better way to identify and manage external threats to ensure the apps customers download on their phones, and the sites they visit, are legitimate.

The Solution

RiskIQ Digital Footprint

Managing digital assets across an enterprise is challenging, and PCH’s security team needed to find a better way to find out the magnitude of the problem facing their brand. RiskIQ ran a comprehensive discovery and found multiple instances of domain infringement and rogue apps as well as several assets the CISO thought were taken down months prior.

RiskIQ External Threat Detection – Mobile Threats

With RiskIQ, PCH can now monitor and fully manage their mobile presence across the world. RiskIQ Mobile Threats helps them detect unauthorized apps designed to divert users, distribute malware, and steal customer or company data. With a single click, PCH can remove unauthorized apps from all stores, globally.

RiskIQ External Threat Detection – Domain Infringement

With RiskIQ, PCH can discover their legitimate domain footprint as well as detect the unauthorized use of their brand within third-party registered domain names. With this data, their security team can continuously monitor their site content and behavior to prioritize infringements according to their brand impact.

At first, we weren’t aware of the scope of the underground market for rogue apps. Once we got started, we found that they could quickly erode that line of business for us. We had tools in place that we thought were sufficient but realized that there needed to be more robust effort. RiskIQ helped us identify and shut down all instances of rogue apps and domain infringement to ensure customers feel comfortable with our apps and sites and continue to do business with us.

The Results

Within the first month of using RiskIQ, PCH eradicated more than 40 rogue and blacklisted mobile apps and identified multiple instances of domain infringement and squatting. PCH can now fully protect themselves on the mobile front and have full visibility into all rogue events.

Check out the webinar we did with Sal Tripi, Mobile Threats: Is That Really Your App?